Asymmetric cryptography, or public-key cryptography, provides confidentiality and integrity for sensitive information. It is used extensively by the Government of Canada and by private sector organizations to secure and protect communications networks, cryptographic keys during their distribution, data at rest, and more.
Most organizations currently rely on asymmetric public-key cryptography to secure:
- digital signatures: used to provide source authentication and integrity authentication as well as support the non-repudiation of messages, documents, or stored data;
- identity authentication processes: to establish an authenticated communication session or authorization to perform a particular action;
- key transport of symmetric keys (e.g., key wrapping, data encryption, and message authentication keys) and other keying material (e.g., initialization vectors); and
- privilege authorization processes.
> Security implications of quantum computing: Current encryption protocols, such as Secure Socket Layer (SSL) and Transport Layer Security (TLS), based on existing public-key algorithms, are capable of protecting network communications from attacks by classical computers. A fault-tolerant quantum computer, however, could break the mathematical challenges that underlie these and other protocols in a matter of hours or even seconds.
>
> Deloitte Insights, April 2021
Asymmetric cryptography is based on the premise that two or more parties exchange public keys to establish a shared secret key to encrypt data. Symmetric cryptography, on the other hand, is based on the premise that all parties have already shared the exact same key prior to communicating.
Once developed, quantum computers will be able to use quantum physics to efficiently process information and solve problems that are impractical to solve using current computing technologies. Quantum computers will be able to compromise the algorithms used in asymmetric cryptography. This means that all classified, sensitive, and/or confidential information and communications that were protected using public-key cryptography, especially those having a medium to long-term intelligence value or commensurate need for long-term confidentiality, will be vulnerable to decryption by adversaries or business competitors that have quantum computers. 1
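The example below is added here and is not part of the original page. It shows two parties deriving a shared key from exchanged public keys, and why traffic recorded today loses its confidentiality once the underlying mathematical problem can be solved. It assumes toy Diffie-Hellman over a constructed 31-bit prime, with a classical baby-step giant-step search standing in for a quantum computer attacking real key sizes; all function names are hypothetical.

```python
import hashlib
import secrets
from math import isqrt

# Constructed toy parameters (assumption): real deployments use 2048-bit+ groups
# or elliptic curves. 7 is a primitive root modulo the prime 2**31 - 1.
P = 2**31 - 1
G = 7

def keypair():
    """Return (private, public) for one party."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def shared_key(my_priv, peer_pub):
    """Both parties derive the same symmetric key from the exchanged public keys."""
    secret = pow(peer_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(4, "big")).digest()

def xor_stream(key, data):
    """Toy symmetric cipher (SHA-256 keystream); the same call encrypts and decrypts."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def recover_private(pub):
    """Solve G**x = pub (mod P) by baby-step giant-step.
    Feasible only because P is tiny; stands in for a quantum solver."""
    m = isqrt(P - 1) + 1
    baby = {pow(G, j, P): j for j in range(m)}
    step = pow(G, -m, P)  # modular inverse of G**m (Python 3.8+)
    gamma = pub
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * step % P
    raise ValueError("no discrete log found")

def decrypt_recorded(a_pub, b_pub, ciphertext):
    """Recorded public keys plus ciphertext are enough once the hard problem falls."""
    return xor_stream(shared_key(recover_private(a_pub), b_pub), ciphertext)

if __name__ == "__main__":
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    ct = xor_stream(shared_key(a_priv, b_pub), b"constructed sample record")
    print(decrypt_recorded(a_pub, b_pub, ct))
```

The recorder never sees a private key or the shared key, only the two public values and the ciphertext, which is why information with a long confidentiality lifetime is the priority for migration.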